system and method for securing access to services in a computer network.

and hosts were interested in a free and open exchange of information, and where users and hosts mutually trusted one another. However, the Internet has grown dramatically, currently interconnecting about 100,000 computer networks and several million

Because of its size and openness, the Internet has become a target of data theft, data alteration and other mischief.

Virtually everyone on the Internet is vulnerable. Before connecting to the Internet, companies balance the rewards of an Internet connection against the risks of a security breach. Current security techniques help provide client and server authentication, data confidentiality, system integrity and system access control.

The most popular of the current security techniques is a firewall, which includes an intermediate system positioned between a trusted network and the Internet. The firewall represents an outer perimeter of security for preventing unauthorized communication between the trusted network and the Internet. A firewall may include screening routers, proxy servers and application layer gateways.
For users on the Internet to access protected services on a trusted network, they may be required to provide their identity to the firewall by some means such as entering a password or by computing a response to a challenge using a hardware token. With proper authentication, the user is allowed to pass through the firewall into the local network, but is typically limited to a predetermined set of services such as e-mail, FTP, etc.

Some local network managers place just outside the firewall a server, often referred to as a "sacrificial lamb," for storing non-confidential data which is easily accessible by the remote user but provides little security.

A De-Militarized Zone, or DMZ, sits between two firewalls protecting a trusted network. The external firewall protects servers in the DMZ from external threats while allowing HyperText Transfer Protocol (HTTP) requests. The internal firewall protects the trusted network in the event that one of the servers in the DMZ is compromised. Many companies use DMZs to maintain their web servers.

Another security technique for protecting computer networks is the issuance and use of public key certificates. Public key certificates are issued to a party by a certificate authority, which via some method validates the party's identity and issues a certificate stating the party's name and public key. As evidence of authenticity, the certificate authority digitally signs the party's certificate using the certificate authority's private key.

Thus, when a user via a client computer connects to a server, the client computer and server exchange public key certificates. Each party verifies the authenticity of the received certificates by using the certificate authority's public key to verify the signature of the certificate. Then, by encrypting messages with the server's public key the user can send secure communications to the server, and by encrypting messages with the user's

might present a public key certificate, only the real user and the real host have the corresponding private key needed to decrypt the message. Examples of authentication and key distribution computer security systems include the Kerberos™ security system developed by the Massachusetts Institute of Technology and the NetSP™ security system developed by the IBM Corporation.

These security techniques cause problems for the roaming (traveling) user. The roaming user must maintain identification and authentication information such as passwords, certificates, keys, etc., and carry hardware tokens for responding to system challenges. Therefore, a system and method are needed for authenticating a roaming user.

SUMMARY OF THE INVENTION
The present invention provides a system and method for authenticating the identity of a user in a computer network. The network system includes a server coupled via a computer network to a client. Upon receiving a request for access, the server sends an authentication applet to the client. The authentication applet includes a user identification (ID) module for obtaining a user ID and a password module for obtaining a client password. The authentication applet also includes a response generator coupled to the password module for using the client password as a variable in an algorithm to compute a client response. The authentication applet further includes a communications module coupled to the response generator and to the user ID module for sending the client response and the user ID back to the server for user authentication. The client uses an applet engine to execute the applet. The server uses the received user ID, the response and possibly user information to verify the identity of the user.

FIG. 5 is a flowchart illustrating a method for remotely accessing a secure service;
FIG. 6 is a flowchart illustrating details of the FIG. 5 step of creating a link between a client and the global server;
FIG. 7 illustrates an example web page;
FIG. 8A is a flowchart illustrating details of the FIG. 5 step of accessing a service in a first embodiment;
FIG. 8B is a flowchart illustrating details of the FIG. 5 step of accessing a service in a second embodiment;
FIG. 8C is a flowchart illustrating details of the FIG. 5 step of accessing a service in a third embodiment;
FIG. 9 is a block diagram illustrating a roaming-user network access system, in accordance with the present invention;
FIG. 10 is a block diagram illustrating details of the remote terminal of FIG. 9;
FIG. 11A is a block diagram illustrating details of the global server of FIG. 9;
FIG. 11B is a block diagram illustrating details of the authentication applet of FIG.
FIG. 12 is a block diagram illustrating details of the network computer of FIG. 9;
FIG. 13 is a flowchart illustrating a method for remotely accessing a secure service;
FIG. 14 is a flowchart illustrating details of the FIG. 13 step of authenticating the remote terminal user in a first embodiment; and
FIG. 15 is a flowchart illustrating details of the FIG. 13 step of authenticating the remote terminal user in a second embodiment.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

FIG. 1 is a block diagram illustrating an exemplary roaming-user network access system 100 in accordance with the present invention. System 100 includes an interconnected network of computers referred to herein as an "Internet" 102. System 100 further includes a first company network 112, a second company network 118, a kiosk network 138 and an ISP network, each coupled to the Internet 102.

Company network 112 includes a firewall 116 coupled between the Internet 102 and a client computer 114a. Company network 118 includes a firewall 120 coupled between the Internet 102 and an internal network signal bus 126. Company network 118 further includes a first server 108a for providing a first service 110a, a second server 108b for providing a second service 110b, a first client computer 114b storing a program for providing a third service 110c and a second client computer 114c, each being coupled to signal bus 126. It will be appreciated that any of the client computers (i.e., client computers 114a, 114b, etc.) may be any computer, and any of the servers may be any computer coupled to and capable of being polled by any of the client computers. Example services which services 110a-110d represent include an e-mail service program, an address book service program, a calendar service program, a paging service program, a company database service program, or any of the like.

The kiosk network 138 includes a first client computer 114d and a second client computer 114e, each being coupled together and to the Internet 102. The ISP network includes an ISP 148 coupled via a wireless channel 146 to a first client computer 114f and coupled via modems 152 and 156 and via transmission line 134 to a second client computer 114g.

The Internet 102 includes a global server 106, which is protected by a global firewall 104 and includes a server 108c for providing a service 110d. Intercommunication between client computers 114a-114g and services 110a-110d is accomplished via the global server 106. If, for example, a user of any one of the client computers 114a-114g wants to access a service 110a-110d (which is provided at a location within system 100 that is unknown to the user), then the user applies a known Uniform Resource Locator (URL) to access a web page operated by global server 106. An example web page 700 is shown in and described with reference to FIG. 7. The global firewall 104 protects the global server 106 from external threats.

Before obtaining access privileges to the functionality provided by the global server 106, the user must first obtain authorization from the global server 106. Obtaining authorization typically requires user identification and authentication, for example, using public-key certificates. Once authenticated, the global server 106 provides the user with access to the services 110a-110d. It will be appreciated that varying levels of access to the services 110a-110d will be granted based on varying strengths of identification and authentication and on the privacy of the communications channel.

The global server 106 may use conventional applets, servlets or agents in a distributed network environment, such as the Java™ distributed environment produced by the Netscape Corporation. The global server 106 provides the user's client with access to and control of the services 110a-110d. The global server 106 may redirect the user's client to access the services 110a-110d itself, the global server 106 may access the services 110a-110d itself and provide I/O to the client by proxy, or the global server 106 may provide the services 110a-110d itself. These three different modes of access to the services 110a-110d are described with reference to FIGs. 8A, 8B and 8C.

The global server 106 maintains the network addresses of all the services 110a-110d, the user's public and private keys, the user's account numbers, firewall authentication information, etc. Firewall authentication information includes the necessary identification, passwords and certificates needed to pass firewalls 116 and 120. Accordingly, the user need only maintain the URL of the global server 106, and identification and authentication information such as a password or hardware token for obtaining access to the functionality of the global server 106. Thus, the roaming user can access computer services 110a-110d using any computer terminal which is connected to the Internet 102.

FIG. 2 is a block diagram illustrating details of a client computer 114, such that each of clients 114a-114g is an instance of the client 114. The client 114 includes a Central Processing Unit (CPU) 210 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 220 such as a keyboard and mouse, and an output device 230 such as a Cathode Ray Tube (CRT) display are coupled via a signal bus 240 to CPU 210. A communications interface 250, a data storage device 260 such as Read Only Memory (ROM) or a magnetic disk, and a Random-Access Memory (RAM) 270 are further coupled via signal bus 240 to CPU 210. The communications interface 250 of the client computer 114 is coupled to the Internet 102 as shown in and described with reference to FIG. 1.

An operating system 280 includes a program for controlling processing by CPU 210, and is typically stored in data storage device 260 and loaded into RAM 270 for execution. Operating system 280 includes a communication engine 282 for generating and transferring message packets to and from the Internet 102 via the communications interface 250.

Operating system 280 further includes an internet engine such as a web browser 284, e.g., the Netscape™ web browser produced by the Netscape Corporation or the Internet Explorer™ web browser produced by the Microsoft Corporation. The web browser 284 includes an encryption engine 285 for encrypting messages using public and private keys, and an applet engine 286 for executing applets 288 downloaded from the global server 106 to enable the access to computer services 110a-110d. Downloaded applets 288 may include security applets 290 for performing services such as user identification and authentication, message integrity services, and certificate verification. The browser 284 further receives web page data 391 (FIG. 3), configuration data 390 and information identifying a set of selectable services 110a-110d, and uses the information to display the web page 700 (FIG. 7). The web browser 284 enables a user via the client 114a-114g to select one of the services 110a-110d for execution.

It will be appreciated that a client 114a-114g such as client 114b may include a service engine 490 (see FIG. 4) for providing a service 110a-110d such as service 110c. Thus, it is possible for a client 114b user to request access to service 110c via the global server 106, without knowing that the service 110c is provided by client 114b. Accordingly, the global server 106 will provide client 114b with an applet for providing user interface I/O of service 110c back to client 114b.

FIG. 3 is a block diagram illustrating details of the global server 106, which includes a CPU 310 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 320 such as a keyboard and mouse, and an output device 330 such as a CRT display are coupled via a signal bus 340 to CPU 310. A communications interface 350, a data storage device 360 such as ROM or a magnetic disk, and a RAM 370 are further coupled via signal bus 340 to CPU 310. The communications interface 350 is conventionally coupled as part of the Internet to the clients 114.



Although the global server 106 is described as a single computer, it will be appreciated that the global server 106 may include multiple computers networked together.

Operating system 380 includes a program for controlling processing by CPU 310, and is typically stored in data storage device 360 and loaded into RAM 370 for execution. Operating system 380 includes a communication engine 382 for generating and transferring message packets to and from client computers 114 via the communications interface 350.

Operating system 380 further includes, as part of global firewall 104, security services 384 for opening a communications channel with users. For example, when a client attempts to access the global server 106, the security services 384 first determine whether the global server 106 accepts in-bound communications from a particular port (not shown) and whether the servlet host engine 386, described below, is authorized to connect to that particular port. If so, the security services 384 allow the communications engine 382 to open a communications channel via the particular port to the client 114a-114g. Otherwise, no channel will be opened.

The operating system 380 further includes a web engine 387 which, based on the user's identification, the strength of the user's authentication and the privacy of the communications channel, forwards web page data 391 and information identifying a set of available services 110a-110d to the client 114a-114g. An example web page 700 is shown and described with reference to FIG. 7. The web engine enables a user to select a service 110a-110d from the web page 700.

The web engine 387 includes a servlet host engine 386, which downloads security applets 290 including an authentication applet (not shown) to the client computer 114 and accordingly executes an authentication servlet 397 of servlets 398 for performing identification and authentication services. The authentication applet 290 prompts the user for identification and authentication information, and then communicates the information to the authentication servlet 397. The authentication servlet 397 verifies that the information is correct. It will be noted that the user's authentication information is not necessarily sent to the authentication servlet 397, but rather its existence and correctness is proven via a secure means such as a secure hash. The servlet host engine 386 further includes a secure communications engine 396, which may use public key certificates to negotiate a secure communications channel with the client computer 114.
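The exchange between the authentication applet and the authentication servlet, as an added example that is not part of the patent text: the applet proves possession of the password by keying a MAC over a one-time challenge issued by the servlet, so the password itself never crosses the channel, which is the property stated above (existence and correctness proven via a secure hash rather than by sending the secret). The class and function names, the PBKDF2/HMAC-SHA256 construction and the sample user are this example's own assumptions, not the patent's.

```python
"""Challenge-response user authentication modelled on the authentication
applet (client) and authentication servlet (server) described above.

Added example, not the patent's code. AuthServlet, applet_response and the
sample user are constructed for illustration.
"""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field

PBKDF2_ITERATIONS = 100_000


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the password into a fixed-length key. Both sides compute this,
    so the server can store the derived key instead of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def applet_response(password: str, salt: bytes, challenge: bytes) -> bytes:
    """Client side ('response generator'): the password is the variable of the
    algorithm, but only this MAC and the user ID travel back to the server."""
    return hmac.new(derive_key(password, salt), challenge, hashlib.sha256).digest()


@dataclass
class AuthServlet:
    """Server side: per-user salt and derived key (never the password) plus the
    outstanding one-time challenges."""
    users: dict = field(default_factory=dict)    # user_id -> (salt, derived_key)
    pending: dict = field(default_factory=dict)  # user_id -> challenge not yet answered

    def enroll(self, user_id: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[user_id] = (salt, derive_key(password, salt))

    def issue_challenge(self, user_id: str) -> tuple:
        """Return (salt, challenge) for the applet. The challenge is single use."""
        if user_id not in self.users:
            # Unknown ID: hand out a deterministic dummy salt and a random challenge so
            # the reply does not reveal whether the account exists.
            return (hashlib.sha256(user_id.encode("utf-8")).digest()[:16], secrets.token_bytes(32))
        salt, _ = self.users[user_id]
        challenge = secrets.token_bytes(32)
        self.pending[user_id] = challenge
        return (salt, challenge)

    def verify(self, user_id: str, response: bytes) -> bool:
        """Consume the pending challenge (so a captured response cannot be replayed)
        and compare in constant time."""
        challenge = self.pending.pop(user_id, None)
        if challenge is None or user_id not in self.users:
            return False
        _, key = self.users[user_id]
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo_exchange(password_entered: str) -> bool:
    """One complete round trip for a constructed user; returns the servlet's verdict."""
    servlet = AuthServlet()
    servlet.enroll("alice", "correct horse battery staple")   # constructed sample credential
    salt, challenge = servlet.issue_challenge("alice")         # server -> client
    response = applet_response(password_entered, salt, challenge)  # client computes locally
    return servlet.verify("alice", response)                   # client -> server: ID + response
```

The server keeps only a salted, stretched key, so a copy of its user table does not yield passwords directly; consuming the challenge in `verify` means a response observed on the wire is useless a second time, and `hmac.compare_digest` keeps the comparison time independent of where the first differing byte lies.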

Upon selection of a service 110a-110d, the servlet host engine 386 downloads a corresponding applet 288, corresponding configuration data 390 and corresponding user data 392 and may download corresponding service address information 394 to the client computer 114. Configuration data 390 includes information for configuring the user's web browser 284, for configuring the downloaded applets 288, and for configuring the selected service 110a-110d. User data 392 may include user-and-service-specific information such as stored bookmarks, calendar data, pager numbers, etc. which was specifically stored on the global server 106 for easy access. Service address information 394 identifies the location of the services 110a-110d provided in system 100 by the global server 106. The client computer 114 executes the corresponding downloaded applet which, via the servlet host engine 386 (possibly using a corresponding servlet 398), enables the user to access and to control the corresponding services 110a-110d. The downloadable applets 288, configuration data 390, user data 392 and service address information 394 may be stored on the data storage device 360.

A keysafe 395 is a file for storing each user's identification information, each user's public and private keys, each firewall's password information, etc. The keysafe 395 is organized in a linked list format so that, based on the selected service 110a-110d, the global server 106 can retrieve the appropriate firewall's password information, the appropriate user's identification information and keys, etc. The keysafe 395 may be stored on the data storage device 360.
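An added example (not the patent's code) of a keysafe organized as a linked list and queried by the selected service, as described above. The entry fields, the service and firewall labels and the sample key material are constructed for illustration; the point shown is that the (user, service) pair selects the record, and that a missing record yields a refusal rather than a default credential.

```python
"""Keysafe lookup keyed by user and selected service.

Added example, not the patent's code. KeysafeEntry, Keysafe and the sample
records are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class KeysafeEntry:
    """One record: which user, which service, and what is needed to reach it."""
    user_id: str
    service_id: str                       # e.g. "110a"
    user_public_key: bytes                # placeholder key material
    user_private_key: bytes
    firewall_id: Optional[str] = None     # firewall in front of the service, if any
    firewall_password: Optional[bytes] = None
    next: Optional["KeysafeEntry"] = None  # link to the following record


class Keysafe:
    """Singly linked list of KeysafeEntry records."""

    def __init__(self) -> None:
        self.head: Optional[KeysafeEntry] = None

    def add(self, entry: KeysafeEntry) -> None:
        entry.next = self.head
        self.head = entry

    def lookup(self, user_id: str, service_id: str) -> Optional[KeysafeEntry]:
        """Walk the list until the (user, service) pair matches."""
        node = self.head
        while node is not None:
            if node.user_id == user_id and node.service_id == service_id:
                return node
            node = node.next
        return None

    def credentials_for(self, user_id: str, service_id: str) -> Optional[dict]:
        """Return only what the access mode needs. None means the user has no
        stored access to that service, and the caller must refuse."""
        entry = self.lookup(user_id, service_id)
        if entry is None:
            return None
        creds = {
            "service": service_id,
            "public_key": entry.user_public_key,
            "private_key": entry.user_private_key,
        }
        if entry.firewall_id is not None:
            creds["firewall"] = (entry.firewall_id, entry.firewall_password)
        return creds


def build_sample_keysafe() -> Keysafe:
    """Constructed sample: alice may reach service 110a (behind firewall 120)
    and service 110d (hosted on the global server, no firewall to pass)."""
    ks = Keysafe()
    ks.add(KeysafeEntry("alice", "110a", b"alice-pub", b"alice-priv",
                        firewall_id="120", firewall_password=b"fw120-secret"))
    ks.add(KeysafeEntry("alice", "110d", b"alice-pub", b"alice-priv"))
    return ks
```

Because the keysafe concentrates every user's keys and every firewall's password in one file, the storage device 360 holding it is the most sensitive component of the global server; the lookup above deliberately returns nothing for an unknown pair so that no code path can substitute another user's firewall credentials.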

FIG. 4 is a block diagram illustrating details of a service server 108, such that servers 108a-108c and client 114b are instances of server 108. Server 108 includes a CPU 410 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 420 such as a keyboard and mouse, and an output device 430 such as a CRT display are coupled via a signal bus 440 to CPU 410. A communications interface 450, a data storage device 460 such as ROM or a magnetic disk, and a RAM 470 are further coupled via signal bus 440 to CPU 410. The communications interface 450 is coupled to the clients 114 as shown in and described with reference to FIG. 1.

The operating system 480 includes a program for controlling processing by CPU 410, and is typically stored in data storage device 460 and loaded into RAM 470 for execution. Operating system 480 also includes a communications engine 482 for generating and transferring message packets via the communications interface 450 to and from clients 114 or to and from global server 106. Operating system 480 further includes security services 484 for negotiating a secure channel with users, a secure communications engine 486 for opening the secure channel with the users, and a service engine 490 for providing a service 110a-110d to the users.

The service engine 490 includes a service interface 492 for receiving and translating messages to and from downloaded applets 288 currently executing on the client 114, and includes a service processor 494 and service data 496 for processing the service requests from the user. The service data 496 may include previously generated documents, database information, etc. It will be appreciated that the service data 496 is similar to the user data 392, such that it includes the same type of information but is maintained on the service server 108 instead of on the global server 106.

FIG. 5 is a flowchart illustrating a method 500 enabling a user to access services 110a-110d in computer network system 100. Method 500 begins by the client 114 in step 505 creating a communications link with the global server 106. Step 505 is described in greater detail below with reference to FIG. 6. The global server 106 in step 510 confirms that the user has privileges to access the functionality of the global server 106. Confirming user access privileges may include examining a user certificate, obtaining a secret password, using digital signature technology, etc. It will be appreciated that the security services 384 may cause the servlet host engine 386 to forward a security applet 389 via the communications channel to the client 114 for performing user authentication.

After user access privileges are confirmed, the web page engine 387 of the global server 106 in step 515 downloads web page data 391 and configuration data 390 to the client 114. The browser 284 of the client 114 in step 520 uses the web page data 391 and the configuration data 390 to display a web page 700 (FIG. 7) on the output device 230 of the client 114 and to enable access to the services 110a-110d which are offered by the global server 106. An example web page 700 is shown and described with reference to FIG. 7.

From the options listed on the web page 700, the user in step 525 via input device 220 selects a service 110a-110d. In response, the servlet host engine 386 of the global server 106 in step 530 downloads the corresponding applet 288, applet configuration data 390, user data 392 and possibly service address information 394 to the client 114. Applet configuration data 390 preferably includes user-specific preferences, such as user-preferred fonts, for configuring the selected service 110a-110d. User data 392 may include user-specific and service-specific information such as stored bookmarks, calendar data, pager numbers, etc. Service address information 394 identifies the location of the selected service 110a-110d. Alternatively, corresponding applet(s) 288, applet configuration data 390, user data 392 and service address information 394 could have been downloaded in step 515 with the web page data 391 and the configuration data 390.

The applet engine 286 of the client 114 in step 535 executes the corresponding downloaded applet 288. The service server 108 in step 537 initiates the service engine 490. The global server 106 in step 538 selects one of the three modes of access described in FIGs. 8A-8C for enabling the client computer 114 to communicate with the corresponding service engine 490. For example, if the user selects the service 110d on server 108c, which is not protected by a separate firewall, then the global server 106 provides the user with direct access. If the user selects service 110a provided by server 108a within company network 118, then the global server 106 may access the service 110a as a proxy for the user. It will be appreciated that each firewall 116 and 120 may store policies establishing the proper mode of access the global server 106 should select. Other factors for selecting the mode of access may include user preference, availability and feasibility. The global server 106 in step 540 provides the client 114 user with access to the selected service 110a-110d. Step 540 is described in greater detail with reference to FIGs. 8A, 8B and 8C.
FIG. 6 is a flowchart illustrating details of step 505 (create link between client and global server), which begins by the client 114 user in step 605 using a known Uniform Resource Locator (URL) to call the global server 106. The global server 106 and the client 114 in step 607 create a secure communications channel therebetween, possibly by applying Secure Sockets Layer (SSL) technology. That is, the security services 384 of the global server 106 in step 610 determine if in-bound secure communications are permitted and, if so, create a communications channel with the client 114. The browser 284 of the client 114 and the security services 384 of the global server 106 in step 615 negotiate secure communications channel parameters, possibly using public key certificates. An example secure communications channel is RSA with RC4 encryption. It will be appreciated that the global server 106 may be configured to use one of ten encryption protocols and the client 114 may be enabled to use one of the encryption protocols. Step 615 thus may include selecting one of the encryption protocols which is common to both the global server 106 and the client 114. The encryption engine 285 of the client 114 and the secure communications engine 396 of the global server 106 in step 620 use the secure channel parameters to create the secure communications channel. Step 505 then ends.
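The two server-side decisions made while the link is created, as an added example that is not the patent's code: the in-bound port check performed by security services 384 (step 610, and the FIG. 3 description of the port and engine authorization above) and the selection in step 615 of an encryption protocol common to the global server 106 and the client 114. The port policy, the protocol labels and their strength ranking are constructed for illustration; the example goes beyond the text in letting the server's preference order decide and in enforcing a minimum strength, so that a client offering only the weakest protocol gets no channel rather than a weak one.

```python
"""Channel establishment checks: in-bound port policy (step 610) and
negotiation of a common encryption protocol (step 615).

Added example, not the patent's code. PortPolicy, the protocol labels and
the STRENGTH ranking are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Optional

# Constructed labels; higher score = stronger. "RSA-RC4" mirrors the page's example
# channel and is ranked weakest, so a strict minimum excludes it.
STRENGTH: Dict[str, int] = {
    "RSA-AES256-GCM": 3,
    "RSA-AES128-CBC": 2,
    "RSA-3DES": 1,
    "RSA-RC4": 0,
}


@dataclass(frozen=True)
class PortPolicy:
    """What security services 384 consult before opening any channel."""
    inbound_ports: FrozenSet[int]             # ports on which in-bound traffic is accepted
    engine_ports: Dict[str, FrozenSet[int]]   # engine name -> ports it may connect on


def admit_inbound(policy: PortPolicy, port: int, engine: str) -> bool:
    """Step 610: both conditions must hold, otherwise no channel is opened."""
    allowed_for_engine = policy.engine_ports.get(engine, frozenset())
    return port in policy.inbound_ports and port in allowed_for_engine


def negotiate_protocol(server_prefs: Iterable[str], client_supported: Iterable[str],
                       minimum_strength: int) -> Optional[str]:
    """Step 615: first protocol in the *server's* preference order that the client
    also supports and that meets the minimum strength. Server order deciding keeps a
    client from steering the choice towards its weakest option."""
    client = set(client_supported)
    for proto in server_prefs:
        if proto in client and STRENGTH.get(proto, -1) >= minimum_strength:
            return proto
    return None


def open_channel(policy: PortPolicy, port: int, engine: str,
                 server_prefs: Iterable[str], client_supported: Iterable[str],
                 minimum_strength: int = 2) -> Optional[dict]:
    """Channel parameters for steps 610-620, or None when either check fails."""
    if not admit_inbound(policy, port, engine):
        return None
    proto = negotiate_protocol(server_prefs, client_supported, minimum_strength)
    if proto is None:
        return None
    return {"port": port, "protocol": proto}


# Constructed sample policy: only port 443 in-bound, and only the servlet host engine may use it.
SAMPLE_POLICY = PortPolicy(inbound_ports=frozenset({443}),
                           engine_ports={"servlet_host_engine": frozenset({443})})
SERVER_PREFS = ["RSA-AES256-GCM", "RSA-AES128-CBC", "RSA-3DES", "RSA-RC4"]
```

Failing closed in both places (no channel when the port is not admitted, no channel when no acceptable protocol is shared) matches the text's "Otherwise, no channel will be opened" and avoids the downgrade that results when a negotiation silently accepts whatever the client offers.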

FIG. 7 illustrates an example URL-addressable HyperText Markup Language (HTML)-based web page 700, as maintained by the servlet host engine 386. The web page 700 includes a title 710 "Web Page," a listing of the provided services 715 and a pointer 770 for selecting one of the provided services 715. As illustrated, the provided services 715 may include an e-mail service 720, a calendaring service 730, an internet access service 740, a paging service 750 and a fax sending service 760. Although not shown, other services such as bookmarking, QuickCard™, etc. may be included in the web page.

FIG. 8A is a flowchart illustrating details of step 540 (provide access to the service to the client user) in a first embodiment, referred to as method 540a, wherein the global server 106 provides the client 114 with a direct connection to the service 110a-110d. Method 540a begins by the downloaded applet in step 805 retrieving the service address 394 of the selected service 110a-110d from data storage device 360 and the authentication information for the service 110a-110d from the keysafe 395. The communications engine 282 in step 810 creates a direct and secure connection with the communications engine 482 of the service server 108 using the retrieved service address, and uses the authentication information to authenticate itself. The applet 288 in step 815 acts as the I/O interface with the service engine 490. Method 540a then ends.

FIG. 8B is a flowchart illustrating details of step 540 (provide access to the service to the client user) in a second embodiment, referred to as method 540b, wherein the global server 106 acts for the client 114 as a proxy to the service 110a-110d. Method 540b begins with the applet 288 in step 840 retrieving the "service" address, which results in directing it to the global server 106. Thus, the applet 288 in step 845 creates a connection with the global server 106. The servlet host engine 386 of the global server 106 in step 850 retrieves the service address of the selected service 110a-110d and the authentication information for the selected service 110a-110d from the keysafe 395. The secure communications engine 396 of the global server 106 in step 855 negotiates secure channel parameters for creating a secure channel with the secure communications engine 486 of the service server 108.

Thereafter, the applet 288 in step 860 acts as the I/O interface (enables the user to make requests of the service engine 490) with the secure communications engine 396 of the global server 106. If the servlet host engine 386 in step 865 determines that it is unauthorized to perform a client 114 user's request, then the servlet host engine 386 in step 870 determines whether the method 540b ends, e.g., whether the user has quit. If so, then method 540b ends. Otherwise, method 540b returns to step 860 to obtain another request. If the servlet host engine 386 in step 865 determines that it is authorized to perform the client 114 user's request, then the servlet host engine 386, possibly using servlets 398, acts as the proxy for the client 114 to the service engine 490. As proxy, the servlet host engine 386 forwards the service request to the service 110a-110d for the applet 288 and forwards responses to the requesting applet 288 currently executing on the client 114. Method 540b then returns to step 870.
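The request loop of method 540b, as an added example that is not the patent's code: every request arriving from the applet is authorization-checked by the servlet host engine before anything is forwarded to the service, and a quit ends the session. The request format, the per-user allow-list and the stand-in for service engine 490 are constructed for illustration; one deliberate deviation from the flowchart is that a refused request is answered with a "denied" reply instead of being skipped silently, which gives the applet (and the server's log) a record of the refusal.

```python
"""Authorizing proxy loop on the global server (method 540b, steps 860-870).

Added example, not the patent's code. The request dictionaries, ALLOW and
stub_service are constructed for illustration.
"""
from typing import Callable, Dict, Iterable, List

Request = Dict[str, str]

# Constructed allow-list: the operations each user may ask the proxied service to perform.
ALLOW: Dict[str, frozenset] = {
    "alice": frozenset({"read", "list"}),
}


def is_authorized(user_id: str, op: str) -> bool:
    """Step 865: the servlet host engine decides per request, not per session."""
    return op in ALLOW.get(user_id, frozenset())


def stub_service(req: Request) -> Request:
    """Stands in for service engine 490 behind the proxy."""
    return {"op": req["op"], "status": "ok", "result": f"{req['op']} done"}


def proxy_session(user_id: str, requests: Iterable[Request],
                  forward: Callable[[Request], Request] = stub_service) -> List[Request]:
    """Relay authorized requests and return the replies delivered to the applet."""
    replies: List[Request] = []
    for req in requests:                   # step 860: next request from the applet
        op = req.get("op", "")
        if op == "quit":                   # step 870: the user has quit, so the method ends
            break
        if not is_authorized(user_id, op):  # step 865: not authorized, nothing is forwarded
            replies.append({"op": op, "status": "denied"})
            continue
        replies.append(forward(req))       # authorized: act as proxy and relay the response
    return replies
```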

FIG. 8C is a flowchart illustrating details of step 540 (provide access to the service to the client user) in a third embodiment, referred to as method 540c, wherein the service 110a-110d being requested is located on the global server 106. Method 540c begins with the applet 288 in step 880 retrieving the service address for the service 110a-110d, which results in providing the applet 288 with the service address of the service 110a-110d on the global server 106. Then, the applet 288 creates a secure connection with the global server 106. No additional step of identification and authentication is needed since the client 114 has already identified and authenticated itself to the global server 106 in step 510 of FIG. 5.



In step 884, a determination is made whether the service 110a-110d is currently running. If so, then in step 886 a determination is made whether the service 110a-110d can handle multiple users. If not, then the global server 106 creates an instance for the user, and the applet 288 in step 892 acts as the interface with the service 110a-110d on the global server 106. Otherwise, if the service 110a-110d in step 886 determines that it cannot handle multiple users, then method 540c proceeds to step 892. Further, if in step 884 the global server 106 determines that the service 110a-110d is not currently running, then the global server 106 in step 888 initializes the service 110a-110d and proceeds to step 886.

FIG. 9 is a block diagram illustrating a roaming-user network access system 900 in an alternative embodiment in accordance with the present invention. Network access system 900 includes a remote terminal 905 coupled via computer network 910 to a Local Area Network (LAN) 915 and to a global server 920. The global server 920 is protected by a global firewall 925, and the LAN 915 is protected by a LAN firewall 930.

The remote terminal 905 includes a web engine 935 for communicating via computer network 910. The web engine 935 includes an applet engine 940 for executing applets downloaded from the computer network 910. Examples of web engines 935 having applet engines 940 include the Netscape™ web browser produced by the Netscape Corporation and the Internet Explorer™ web browser produced by the Microsoft Corporation.

LAN 915 includes a network computer 990, coupled to the LAN firewall 930 via a signal bus 985. The network computer 990 includes a service engine 993 for providing a

sending and receiving pages, accessing a network database 997, etc. The service that is provided by service engine 993 may include one of the services 110a-110d (FIG. 1) that is provided by one of the service servers 108a-108c and 114b (FIG. 1). The LAN firewall 930 protects the LAN 915 from external threats.
The global server 920 includes a web page engine 975 enabling access to the network database 997 and to the service engine 993 and for providing an interface. As similarly stated above with reference to FIG. 1, intercommunication between the remote terminal 905 and the network computer 990 is accomplished via the global server 920. If, for example, a remote terminal 905 user wants to access the service engine 993, then the user applies a known Uniform Resource Locator (URL) to access a web page managed by the web page engine 975 which lists the available service provided by service engine 993. Further, to provide access and control of a service to a remote terminal 905 user, the global server 920 may use conventional applets, servlets or agents in a distributed network environment, such as the Java™ distributed environment produced by the Netscape Corporation. The global server 920 may provide the remote terminal 905 with direct access to the service, may access the service itself and provide I/O to the remote terminal 905 by proxy, or may provide the service itself. Providing access to a service is described in greater detail above with reference to FIGs. 1-8C.

The global server 920 further includes an authentication system 945 for authenticating a user requesting access, for example, to the web page. The authentication system 945 includes an applet host engine 950 for sending an authentication applet 955 and a challenge 965 to the remote terminal 905. The applet engine 940 on the remote terminal 905 executes the applet 955, which implements the corresponding challenge 965. The applet 955, in coordination with user input, computes and forwards a proper response to the challenge 965 back to the global server 920. The global server 920 verifies the response. For example, the global server 920 may retrieve and use user information 960 such as the user's password, a hash of the user's password or the user's public key to verify the response. It will be appreciated that varying levels of access to services will be granted based on the user's identification, on the varying strengths of authentication and on the privacy of the communications channel. The authentication applet 955 is described in greater detail with reference to FIG. 11B.

The global server 920 further includes security services 970 for establishing secure communications with the remote terminal 905 or with the service engine 993. The security services 970 are similar to the security services described with reference to FIG. 3. It will be appreciated that the security services 970 may generate challenges 965 for the authentication system 945 to send to the remote terminal 905 with the authentication applet 955.

FIG. 10 is a block diagram illustrating details of the remote terminal 905, which is similar to each of the clients 114 described with reference to FIG. 2. The remote terminal 920 includes a Central Processing Unit (CPU) 1005 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 1010 such as a keyboard and mouse, and an output device 1015 such as a Cathode Ray Tube (CRT) display are coupled via a signal bus 1020 to CPU 1005. A communications interface 1025, a data storage device 1030 such as Read Only Memory (ROM) or a magnetic disk, and a Random-Access Memory (RAM) 1035 are further coupled via signal bus 1020 to CPU 1005. The communications interface 1025 is coupled to the computer network 910 as shown in and described with reference to FIG. 9.
An operating system 1040 includes a program for controlling processing by CPU 1005, and is typically stored in data storage device 1030 and loaded into RAM 1035 (as illustrated) for execution. Operating system 1040 includes the web engine 935 for generating and transferring message packets via the communications interface 1025 to and from the computer network 910 possibly using encryption techniques such as public and private keys. As stated above with reference to FIG. 9, the web engine 935 includes an applet engine 940 for executing applets including the authentication applet 955 downloaded from the global server 920. Other downloadable applets (FIG. 3) to be executed by the applet engine 940 may include security applets for performing message integrity services and certificate verification.

The web engine 935 further receives web page data (391, FIG. 3), configuration data (390, FIG. 3) and data identifying the selectable service offered by the service engine 993. It will be appreciated that the selectable service may include one of the services 110a-110d (FIG. 1) offered by one of the service engines 108a-108c and 114b (FIG. 1). The web engine 935 uses the data to display the web page (e.g., the web page 700, FIG. 7). The web engine 935 enables a remote terminal 905 user to select the service for execution.

FIG. 11A is a block diagram illustrating details of the global server 920, which is similar to the global server 106 described with reference to FIG. 3. The global server 920 includes a CPU 1105 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 1110 such as a keyboard and mouse, and an output device 1115 such as a CRT display are coupled via a signal bus 1120 to CPU 1105. A communications interface 1125, a data storage device 1130 such as ROM or a magnetic disk, and a RAM 1135 are further coupled via signal bus 1120 to CPU 1105. The communications interface 1125 is conventionally coupled to the computer network 910. Although the global server 920 is described as a single computer, it will be appreciated that the global server 920 may include multiple computers networked together.

An operating system 1140 includes a program for controlling processing by CPU 1105, and is typically stored in data storage device 1130 and loaded into RAM 1135 (as illustrated) for execution. Operating system 1140 includes the web page engine 975 for generating and transferring message packets via the communications interface 1125 to and from remote terminal 905. The web page engine 975 forwards web page data (391, FIG. 3), configuration data (390, FIG. 3) and data identifying a set of available services (110a-110d, FIG. 1) to the remote terminal 905. The web page engine 975 is similar to the web engine (FIG. 3) of the global server 106. Operating system 1140 further includes the security services 970 for opening a secure communications channel with users.

The operating system 1140 further includes the applet host engine 950 which, before enabling the web page engine 975 to execute its routines, retrieves and forwards the authentication applet 955 and a corresponding challenge 965 to the remote terminal 905. It will be appreciated that upon a request for server 920 access the security services 970 may generate the challenge 965 and forward it to the applet host engine 950 to be forwarded with the authentication applet 955. As stated above, during execution, the authentication applet 955 prompts the user for identification (user ID) and a password, uses the password to compute a proper response, and forwards the identification and response to the authentication system 945. Computing a proper response is described in detail with reference to FIGs. 14 and 15.

The authentication system 945 uses the user ID and the challenge 965 to verify the user. For example, the authentication system 945 may use the user ID to retrieve a hash of the password from the user information 960, and then uses the hash of the password to verify the response. It will be appreciated that using a preferred embodiment of the present invention the password is not sent to the applet host engine 950, but rather its existence and correctness is proven via a secure means such as a secure hash. It will be further appreciated that the authentication applet may communicate with an authentication servlet (FIG. 3), which when executed by a servlet host engine 386 (FIG. 3) performs response verification.

FIG. 11B is a block diagram illustrating details of the authentication applet 955. Authentication applet 955 includes a user ID module 1150 for prompting a user for a user ID, and a password module 1155 for prompting a user for a password. The authentication applet 955 further includes a response generator 1160 for generating a response using the password input by the user and the challenge 965 sent to the remote terminal 905 with the authentication applet 955. Alternatively, the response generator 1160 may request the challenge 965 from the global server 920 after the user has input the password. The response generator 1160 generates the response by using the password and the challenge 965 as variables in an algorithm 1165. Exemplary algorithms 1165 are described in detail in FIGs. 14 and 15.

The authentication applet 955 further includes a communications module 1170 for communicating with the global server 920, e.g., for receiving the challenge 965 from the global server 920, for sending the response to the global server 920 for verification and for receiving from the global server 920 a verification signal indicating success or failure. The authentication applet 955 still further includes an access initiation module 1175 for enabling a user to access the functionality of the global server 920. The access initiation module 1175 is described in greater detail above with reference to FIGs. 1-8C.

FIG. 12 is a block diagram illustrating details of the network computer 990, which is similar to the service server 108 (FIG. 4) and may include all the same elements. The network computer 990 includes a CPU 1205 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 1210 such as a keyboard and mouse, and an output device 1215 such as a CRT display are coupled via a signal bus 1220 to CPU 1205. A communications interface, a data storage device 1230 such as ROM or a magnetic disk, and a RAM 1235 are further coupled via signal bus 1220 to CPU 1205. The communications interface is coupled to computer network 910 as shown in and described with reference to FIG. 9.

The operating system 1220 includes a program for controlling processing by CPU 1205, and is typically stored in data storage device 1230 and loaded into RAM 1235 (as illustrated) for execution. Operating system 1240 also includes a service engine 993 for providing a service to the user. The data storage device 1230 includes a network database 997 containing workspace data such as documents, e-mails, calendar information, files, etc.

FIG. 13 is a flowchart illustrating a method 1300 for enabling a user to access a service in computer network system 900. Method 1300 begins by the remote terminal 905 in step 1305 requesting logon to the global server 920. The global server 920 in step 1310 forwards an authentication applet 955 and a corresponding challenge 965 to the remote terminal 905. The applet engine 935 of the remote terminal 905 in step 1315 initiates execution of the authentication applet 955, which in coordination with the global server 920 in step 1320 identifies and authenticates the user. Step 1320 is described in greater detail with reference to FIGs. 14 and 15. After the user is identified and authenticated, the global server 920 in step 1325 enables the user to access the functionality offered by the global server 920, i.e., initiates access to the service provided by the service engine 993. Step 1325 is described in greater detail with reference to FIG. 5 (namely, steps 515-540) and FIGs. 8A-8C.

FIG. 14 is a flowchart illustrating a first method 1320a, which exemplifies details of step 1320 in a first embodiment, for authenticating a user. Method 1320a begins with the communications module 1170 of the authentication applet 955 in step 1405 obtaining a challenge 965 from the authentication system 945 on the global server 920. It will be appreciated that the global server 920 may download the challenge 965 with the authentication applet 955 or may wait for the response generator 1160 to make a request before downloading the challenge 965.

In step 1410, the user ID module 1150 of the authentication applet 955 prompts the user for a user ID and the password module 1155 of the authentication applet 955 prompts the user for a password input. Upon receiving the password and the challenge 965, the response generator 1160 of the authentication applet 955 in step 1415 uses the password and the challenge 965 as variables in a one-way hash algorithm 1165 to compute the appropriate response. In a preferred embodiment, the response generator 1160 hashes a combination of the challenge 965 and a hash of the user's password to generate the response. In another preferred embodiment, the response generator 1160 hashes a combination of the challenge 965, a hash of the user's password and a modification factor (commonly referred to as "salt") which protects against "dictionary attacks" to generate the response. A dictionary attack is one that uses a dictionary list of words to generate a hash-to-password table, which can be used to misappropriate user passwords. The response generator 1160 in step 1420 instructs the communications module 1170 to send the user ID and the response via the communications interface 1025 to the authentication system 945. For convenience, the response generator 1160 may also send the challenge 965 with the response back to the authentication system 945.

The authentication system 945 in step 1425 uses the user ID and the challenge 965 to verify the response. For example, the authentication system 945 may use the user ID to retrieve a registered hash of the user's password from the user information 960. The authentication system 945 uses the challenge 965 and the registered hash of the user's password to perform the same one-way hash function and generate a verification response. Further, if the hash function included salt, then the authentication system 945 would apply the same salt when generating the verification response. It will be appreciated that the algorithm performed by the applet 955 and the algorithm performed by the authentication system 945 may not be the same.

If in step 1430 the authentication system 945 determines that the verification response computed by the authentication system 945 is the same as the response received from the authentication applet 955, then the user is successfully verified. Accordingly, the authentication system 945 in step 1435 informs the access initiation module 1175 of the authentication applet 955 of the success. The authentication system 945 in step 1440 authorizes the user to access the service provided by the service engine 993 during this session. It will be appreciated that providing access is described in greater detail with reference to FIGs. 1-8C. Method 1320a then ends. If unsuccessful, the authentication system 945 in step 1440 informs the access initiation module 1175 of the failure, and the access initiation module 1175 in step 1445 informs the user. Method 1320a then returns to step 1410.
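Method 1320a as a worked example (added here; it is not code from the patent or from any product it describes): the applet-side response generator hashes the challenge together with a hash of the password, and the authentication system recomputes the same value from its registered hash, so the password itself is never sent. SHA-256 as the one-way hash, the placement of the salt inside the registered password hash, the function names and the sample credential are all assumptions made for this example.

```python
import hashlib
import hmac
import os

# Server-side credential store standing in for "user information 960".
# Per user ID it holds a salt and the registered hash of the password;
# the password itself is never stored or transmitted.
def register_user(store, user_id, password, salt=None):
    """Registration: store salt and sha256(salt || password)."""
    if salt is None:
        salt = os.urandom(16)
    pw_hash = hashlib.sha256(salt + password.encode("utf-8")).digest()
    store[user_id] = (salt, pw_hash)
    return pw_hash

def issue_challenge(store, user_id):
    """Authentication system 945: a fresh random challenge plus the user's salt.
    An unknown user gets a random salt so the reply does not reveal whether
    the account exists (design choice for this example)."""
    challenge = os.urandom(16)
    salt = store[user_id][0] if user_id in store else os.urandom(16)
    return challenge, salt

def applet_response(password, salt, challenge):
    """Response generator 1160 (client side):
    sha256(challenge || sha256(salt || password)).
    Only this digest leaves the applet."""
    pw_hash = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return hashlib.sha256(challenge + pw_hash).digest()

def verify_response(store, user_id, challenge, response):
    """Authentication system 945: recompute the verification response from
    the registered hash and compare in constant time."""
    if user_id not in store:
        return False
    _salt, pw_hash = store[user_id]
    expected = hashlib.sha256(challenge + pw_hash).digest()
    return hmac.compare_digest(expected, response)

def login(store, user_id, password):
    """One complete exchange: steps 1405 through 1430 of method 1320a."""
    challenge, salt = issue_challenge(store, user_id)
    response = applet_response(password, salt, challenge)
    return verify_response(store, user_id, challenge, response)

def replay_is_rejected(store, user_id, password):
    """Defender's check: a response captured for one challenge must not
    verify against a fresh challenge."""
    old_challenge, salt = issue_challenge(store, user_id)
    captured = applet_response(password, salt, old_challenge)
    new_challenge, _ = issue_challenge(store, user_id)
    return not verify_response(store, user_id, new_challenge, captured)

if __name__ == "__main__":
    users = {}  # constructed sample store
    register_user(users, "alice", "correct horse battery staple")
    print("good password:  ", login(users, "alice", "correct horse battery staple"))
    print("bad password:   ", login(users, "alice", "wrong"))
    print("replay rejected:", replay_is_rejected(users, "alice", "correct horse battery staple"))
```

The salt here is bound into the registered hash rather than appended at response time, which keeps the stored table resistant to the precomputed hash-to-password lookup the text describes; the fresh random challenge is what keeps a captured response from being reused.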

t bs ' i. 5U . ^ V r v'^x^J.x'i Kith ot < sH3 0 axsvr M* ho< n?lb 
K ns H ^ * X M^er ir t ( a*. .MO * < n^r "s jl. .h\^ ^» > et .-j I 

' ) n so u <5 ir ?o "r iut c " ?i on ~" ^ >^ . . iIk i^.uOt vs"^ i -K > . 
u SKif^ i,")' > ' . f . ^t^. ^ ? '^i UNvv ^ ii, * > o u ^'^i. 'J nro" lai' 

>^ ^ " 1 ^ !Lh^ t.n<.r^r > v.^ to- v u^oji^. i f < uJ v ttA h u sv on '^-s" 

I ^ 1^ s ,\^o^^,' p S.1 1 ' 1 '^'^ o V. >.'a nt *.a u c '"'^"^ s ^k^' ) ' > '^''o " 

MO i tnn?^n< t s 'n as+^ t •^i.jx^ > oJ '0^^ Os •^'xamp'v. aviJtrjr v'Sv t * t^.t 
t 'k"--! I ho >ospon-'" f tjos-.v 1 1 ^...n "^"^ .jnos tr.* u i.? nrat s r ih^ puH . v> o' 
J v>-^ f- * i^o'Ki Ulo-ts, ^ 0 ^ X >vn b<eM ks ,s ^ i\ 

corresrsonaiisji resoos^ss. 

1 1 C ro ! r . V !i' .u'K' . ! n sssK'-'^ T t. a s i ^ n^a's n-^i^tv' 

u ) N t ^ 1 s ?i 1 wvv. ! e- . ^ ! !i ^ k n ^'60 To veri fv the response, ri-at. i fee 



k'-v i-i {\w vt^\ k^-^ Jio NCACf ..tiw tiij; ^ncJvtc fu, \Vi .^l^'onU v . io" So a.^ \i i 
the r>-^-i o:u^<' Ih ' Liv-*!^ Ijij . ^ 'Is^n uses Js-^ijnio <v sU'tonn .-vC 

mtvirrKcU;o:i \ \ ht to u^ iU a -v.- - ano conoatos u oJd o ^^li 0 >. 

If the authentication system 945 in step 1535 determines that the modified token is the same as the decrypted response, then the user is successfully verified. Accordingly, the authentication system 945 in step 1540 informs the access initiation module 1175 of the authentication applet 955 of the success. The authentication system 945 in step 1555 authorizes the user to access the service provided by the service engine 993. As stated above, access to the service is described in greater detail with reference to FIGs. 1-8C and method 1320b then ends. However, if the authentication system 945 in step 1535 determines that the modified token is different than the decrypted response, then the authentication system 945 in step 1545 informs the access initiation module 1175 of the verification failure, and the access initiation module 1175 in step 1550 informs the user. Method 1320b then returns to step 1510.
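The encrypted-token variant of method 1320b as a worked example (added here; not code from the patent): the server encrypts a random token under a key derived from the registered password, the applet decrypts it with a key derived from the entered password, modifies it with a modification factor, re-encrypts it, and the server checks that the decrypted response equals its own modified token. The patent names no cipher; the HMAC-SHA256 keystream used here as the symmetric algorithm, the fixed modification factor, the key derivation and all names are assumptions for this example.

```python
import hashlib
import hmac
import os

# Assumed modification factor shared by applet and server (constructed value).
MODIFICATION_FACTOR = b"example-modification-factor"

def derive_key(password):
    """Turn the password into a 32-byte key. The server runs this once at
    registration and stores only the result (assumption for this example)."""
    return hashlib.sha256(b"token-key:" + password.encode("utf-8")).digest()

def _keystream(key, nonce, length):
    """Counter-mode keystream from HMAC-SHA256, standing in for the
    unspecified symmetric algorithm 1165."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key, plaintext):
    """Fresh 16-byte nonce followed by plaintext XOR keystream."""
    nonce = os.urandom(16)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, stream))

def decrypt(key, blob):
    nonce, body = blob[:16], blob[16:]
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))

def modify_token(token):
    """Apply the modification factor; here the modified token is
    sha256(token || factor)."""
    return hashlib.sha256(token + MODIFICATION_FACTOR).digest()

def server_issue_token(registered_key):
    """Server side: a random token, sent encrypted under the registered key."""
    token = os.urandom(16)
    return token, encrypt(registered_key, token)

def applet_token_response(password, encrypted_token):
    """Response generator 1160: decrypt, modify, re-encrypt."""
    key = derive_key(password)
    token = decrypt(key, encrypted_token)
    return encrypt(key, modify_token(token))

def server_verify_token(registered_key, token, response):
    """Step 1535: compare the decrypted response with the modified token."""
    decrypted = decrypt(registered_key, response)
    return hmac.compare_digest(modify_token(token), decrypted)

def token_login(registered_password, entered_password):
    """Whole exchange; the server holds only derive_key(registered_password)."""
    registered_key = derive_key(registered_password)
    token, encrypted_token = server_issue_token(registered_key)
    response = applet_token_response(entered_password, encrypted_token)
    return server_verify_token(registered_key, token, response)

if __name__ == "__main__":
    print("good password:", token_login("s3cret-pa55", "s3cret-pa55"))
    print("bad password: ", token_login("s3cret-pa55", "guess"))
```

With a wrong password the applet decrypts to the wrong token and re-encrypts under the wrong key, so the server's decryption yields bytes that match its modified token only by chance. The XOR keystream carries no integrity protection of its own; in this exchange that is acceptable because any tampering simply makes the final comparison fail, but the same construction should not be reused to protect data whose contents matter.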

The foregoing description of the preferred embodiments of the invention is by way of example only, and other variations of the above-described embodiments and methods are provided by the present invention. Although the system and method have been described with reference to applets, other downloadable executables such as ActiveX™ controls developed by the Microsoft Corporation can alternatively be used. Further, although the authentication applet is being described with reference to a service accessing system, the authentication applet will operate with any computer system operating in a
a response generator coupled to the password module for using the password as a

a communications module coupled to the response generator and to the user ID module for sending the response and the user ID to a server for verifying the response and authenticating the user.

2. The system of claim 1, further comprising a downloadable and executable



3. The system of claim 1, wherein the user ID module obtains the user ID by prompting for user input.

4. The system of claim 1, wherein the password module obtains the password by



5. The system of claim 1, wherein the algorithm includes a one-way hash function.



6. The system of claim 5, wherein the response generator receives a random challenge and uses the one-way hash function to hash the password and the random challenge together.

7. The system of claim 1, wherein the response generator obtains an encrypted token and uses the password and the algorithm to decrypt the encrypted token.

8. The system of claim 7, wherein the response generator uses a modification factor to modify the decrypted token.

: sv-vm ^-■''okl!^. Ahcft;;.- the tospoi^c j-src-^ioT Uot,.^ tbc ;\5'^<\v> j i ,1';!! the 
c ^ :y!-5tcd token, 

10. An authentication system, comprising:
first means for obtaining a user ID;
second means for obtaining a password;
third means coupled to the second means for using the password as a variable in an algorithm to compute a response; and
fourth means coupled to the first means and to the third means for sending the response and the user ID to a server for verifying the response and authenticating the user.

11. The system of claim 10, further comprising a downloadable and executable authentication applet.

12. The system of claim 10, wherein the first means obtains the user ID by prompting for user input.

13. The system of claim 10, wherein the second means obtains the password by prompting for user input.

14. The system of claim 10, wherein the algorithm includes a one-way hash function.

15. The system of claim 14, wherein the third means receives a random challenge and uses the one-way hash function to hash the password and random challenge together.

16. The system of claim 10, wherein the third means obtains an encrypted token and uses the password and the algorithm to decrypt the encrypted token.

17. The system of claim 16, wherein the third means uses a modification factor to modify the decrypted token.

18. The system of claim 17, wherein the third means uses the password and the algorithm to re-encrypt the modified token and wherein the response includes the re-encrypted token.

19. A computer-readable storage medium storing program code for causing a computer to perform the steps of:
obtaining a user ID;

the password as a variable in an algorithm to compute a response; and
sending the response and the user ID to a server for verifying the response and



0 ^ 15 - < ^.<'* x'sco' i. vvs\'- r i 



and executable authentication applet.

22. The method of claim 20, wherein the step of obtaining the user ID includes prompting for user input.



24. The method of claim 20, wherein the algorithm includes a one-way hash function.



25. The method of claim 24, further comprising the step of receiving a random challenge; and wherein the step of using the password includes using the one-way hash function to hash the password and the random challenge together.

26. The method of claim 20, further comprising the step of obtaining an encrypted token and wherein the algorithm includes using the password to decrypt the encrypted token.

27. The method of claim 26, wherein the algorithm includes using a modification factor to modify the decrypted token.

29. A program for causing a computer to perform the steps of:
obtaining a corresponding password;
using the password as a variable in an algorithm to compute a response; and
sending the response and the user ID to a server for verifying the response and authenticating the user.

30. The program of claim 29, wherein the program is a downloadable and executable

31. An authentication system, comprising:
an engine for receiving a service request from a client;
a password database storing a first password; and
authentication means coupled to the engine and to the password database for forwarding to the client an authentication applet which when executed by the client uses a client password as a variable in an algorithm to compute a client response, for receiving the client response from the client, and for using the first password to verify the client response.

32. The system of claim 31, wherein the service request includes a request to access the contents of a server.

33. The system of claim 31, wherein the password database further stores a first user ID corresponding to the first password.

34. The system of claim 33, wherein the authentication applet includes a user ID module for obtaining and sending a client user ID back to the authentication means.

35. The system of claim 34, wherein the authentication means compares the client user ID with the first user ID to retrieve the first password from the password database.

36. The system of claim 35, wherein the authentication means uses the first password as a variable in the algorithm to compute a verification response and compare the verification response with the client response.
37. The system of claim 36, wherein the authentication means grants the service request when the verification response is the same as the client response.

38. The system of claim 31, wherein the algorithm includes a one-way hash function.

39. The system of claim 38, wherein the authentication means forwards a random challenge to the client and the one-way hash function hashes the client password and the

40. The system of claim 31, wherein the authentication means uses the first password to encrypt a token and forwards the encrypted token to the client.

41. The system of claim 40, wherein the authentication applet includes a response generator for using the client password and the algorithm to decrypt the encrypted token.

42. The system of claim 41, wherein the response generator uses a modification factor to modify the decrypted token.

1^ In ^<.s'e5! ot ()■? ^ o.h.^K t « \^ re pv '^s i\sK\ >' > ' ui s f . 
rJ Ik i\o' xbr t > jc . N.>t:. no. fKX r i - ! f |- Xo 

^ 5 e. ^ 5 



\V0 f fctm%mnsm6 

itn.i on sippL ^^ . o^ s o^<-\ o. 5 .o ^tu » ^ t-i o \ a,. v,\50.v. 5. 

^'^^ V ? i joc *o 'ho .0 > . ii. vUis ^ J !o 0 ^ d> p< v (0 u V i' r'l, 

and
fourth means coupled to the third means, for verifying the response.



45. A computer-readable storage medium storing program code for causing a computer to perform the steps of:
receiving a service request from a client;

uses client input as a variable in an algorithm to compute a response;
receiving the response from the client; and
verifying the response.



46. A computer-based method in a server, comprising the steps of:
receiving a service request from a client;
delivering to the client an authentication applet which when executed by the client uses client input as a variable in an algorithm to compute a client response;
receiving the client response from the client; and
verifying the client response.



47. The method of claim 46, wherein the service request includes a request to access

49. The method of claim 48, further comprising the step of storing a first user ID corresponding to the first password in the password database.

50. The method of claim 49, wherein the authentication applet includes a user ID module for obtaining and sending a client user ID back to the server.

51. The method of claim 50, further comprising the step of comparing the client user ID with the first user ID to retrieve the first password from the password database.

52. The method of claim 51, further comprising the steps of using the first password as a variable in the algorithm to compute a verification response and comparing the verification response with the client response.

1 S.I The .xK'tboa v t c.air, '^f , ttrthe. < < ; - t .^J w -\^p o' intsp^ v''\ "^c^-^. ^ 

2 Vv'hen the veru'teat oo -.no t'^e ai tn<_ tU'.o. rx:N.x-> . it 

t 54. The u^etit 'J o: v.i< 5ti. 4t- vs.soj^? r tK vU^v t*. .^cb . t^ v > ^h<^ t-ht*- 
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1 55 The method of claim 54, further comprising forwarding a ratidom chaiieBge to the 

2 cUcnt arui svherdn the one-way b.ssh furiction ba?h<;s the past-Vv-oKi sjid the rando.fn 

3 s;, vxa\ Icnge to get Iter . 

1 56. l"he trie;hod >;.f ciis^ro 46, further comprising the i-tcp.s of usir.g ths- ,f;r«t password to 

2 encrypt a token firsd ^V!r^J^ard5!^g the encrypted lokcn it; iht; ciieiit- 

57. The method of claim 56, wherein the authentication applet includes a response generator for using the client password and the algorithm to decrypt the encrypted token.

58. The method of claim 57, wherein the response generator uses a modification factor to modify the decrypted token.

59. The method of claim 58, wherein the response generator uses the client password and the algorithm to re-encrypt the modified token and wherein the response includes the re-encrypted token.



[claim text illegible]
the password module for using the client password as a variable in the algorithm to compute the client response. The authentication applet further includes a communications module coupled to the response generator and to the user ID module for sending the client response and the user ID back to the server for verifying the response and authenticating the user. The client uses an applet engine to execute the applet. The server uses the user ID to retrieve user information, and uses the user information as a variable in an algorithm to generate a verification response. If the verification response is the same as the client response, then the identity of the user is verified and access may be granted.
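The challenge-response exchange that claims 46 to 55 and the abstract describe, as an added example that is not part of the patent: both sides are shown, with SHA-256 assumed as the one-way hash (the patent names none), a constructed in-memory password database standing in for the password database of the claims, and a constant-time comparison added on the server side.

```python
import hashlib
import hmac
import secrets

# Server-side "password database" (claims 48-49): constructed sample data.
# The scheme needs the server to feed the stored password into the same
# algorithm the client runs, so it must hold the password (or a derived key).
PASSWORD_DB = {"alice": "correct horse battery staple"}


def one_way_hash(password: str, challenge: bytes) -> bytes:
    # Claim 55: hash the password and the random challenge together.
    # SHA-256 is an assumed instantiation; the patent names no specific hash.
    return hashlib.sha256(password.encode("utf-8") + challenge).digest()


def server_issue_challenge() -> bytes:
    # Claim 55: a fresh random challenge per service request, so a response
    # captured on the wire is useless against any later challenge.
    return secrets.token_bytes(16)


def client_applet(user_id: str, client_password: str,
                  challenge: bytes) -> tuple[str, bytes]:
    # Claims 46 and 50: the applet uses client input (the password) as the
    # variable in the algorithm and returns the response with the user ID.
    return user_id, one_way_hash(client_password, challenge)


def server_verify(user_id: str, client_response: bytes,
                  challenge: bytes) -> bool:
    # Claims 51-52: retrieve the first password by user ID, compute the
    # verification response with the same algorithm, then compare.
    first_password = PASSWORD_DB.get(user_id)
    if first_password is None:
        return False  # unknown user ID: nothing to compare against
    verification_response = one_way_hash(first_password, challenge)
    # Constant-time comparison is a practitioner's addition, not in the claims.
    return hmac.compare_digest(verification_response, client_response)


def run_exchange(user_id: str, client_password: str) -> bool:
    # Full round trip: server challenge -> client response -> server verdict.
    challenge = server_issue_challenge()
    uid, response = client_applet(user_id, client_password, challenge)
    return server_verify(uid, response, challenge)


if __name__ == "__main__":
    print("alice, correct password:", run_exchange("alice", PASSWORD_DB["alice"]))
    print("alice, wrong password:  ", run_exchange("alice", "guess"))
```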



A system includes a server coupled over a network to a client. On receiving a request for access to a service, the server sends the client an authentication applet. The authentication applet includes a user identification module for obtaining an identification of the user, and a password module for obtaining a password from the client. The authentication applet also includes a response generator coupled to the password module so as to use the client's password as a variable in an algorithm for computing the response. The authentication applet further contains a communications module, coupled to the response generator and to the user identification module, for returning the client's response and the user identification to the server, so as to verify the response and authenticate the user. The client uses an applet engine to execute the applet. The server uses the user identification to retrieve user information and uses that user information as a variable in an algorithm in order to generate a verification response. If the verification response is the same as the client's response, then the identity of the user is verified and access may be granted.